CVE-2023-5515

Published: Nov 1, 2023Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

The responses for web queries with certain parameters disclose internal path of resources. This information can be used to learn internal structure of the application and to further plot attacks against web servers and deployed web applications.

Affected (1)

Products: Hitachienergy: Esoms

Hitachienergy

1 product

Esoms

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Hitachienergy Esoms	Up to 6.3.13

Related CWEs

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (2)

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000175&languageCode=en&Preview=true

Source: cybersecurity@hitachienergy.com

Vendor Advisory

https://publisher.hitachienergy.com/preview?DocumentId=8DBD000175&languageCode=en&Preview=true

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

Timeline

No history available yet.